Lector de Feeds

Mageia’s next General Assembly will be held online on Wednesday, the 22nd of April 2026 at 17:00 UTC (19:00 CEST).

It will also be an Extraordinary General Assembly, assuming at least one third of the Association members is present or represented.

Agenda:

1. Foreword by the president
2. Financial report by the treasurer and approvals
3. Executive committee management report
4. Budget allocation vote

As part of the Extraordinary Assembly, vote for:

5. the redefinition of members in the constitution, with direct application
6. fixing a typo in the constitution
7. numbering paragraphs in the constitution
8. updating an address in the constitution

Only Association members have the right to vote.

When too few members are present or represented, then the Extraordinary General Assembly will be postponed by at least two weeks.

More information can be found in a copy of the original invitation to the Association members.

If you are a Mageia contributor you can join the meeting, too. Just send a mail to the discuss mailing list of your team and we will tell you where we meet.

← Older revision Revision as of 06:46, 30 March 2026 Line 25: Line 25:     Documentación: https://dnf5.readthedocs.io/en/latest/ Documentación: https://dnf5.readthedocs.io/en/latest/  +  +A partir de Mageia 10, el uso del comando {{Cmd|dnf}} invocará DNF5.     == Elegir repositorios == == Elegir repositorios == Line 41: Line 43:     Repita si necesita las versiones 32 bit de los repositorios nonfree y tainted (vea ejemplo anterior). Repita si necesita las versiones 32 bit de los repositorios nonfree y tainted (vea ejemplo anterior).  +  +=== UUsando dnf5 ===  +  +Con {{Prog|dnf5}} la sintaxis ha cambiado ligeramente, ver [https://dnf5.readthedocs.io/en/latest/dnf5_plugins/config-manager.8.html#examples Ejemplos de dnf5 config-manager]:<br/>  +{{Cmd|dnf config-manager setopt mageia-x86_64-nonfree.enabled{{=}}1 updates-x86_64-nonfree.enabled{{=}}1}} <br/>  +{{Cmd|dnf config-manager setopt mageia-x86_64-tainted.enabled{{=}}1 updates-x86_64-tainted.enabled{{=}}1}} <br/>     * Para Cauldron, cambie "mageia" por "cauldron" y "updates", "backports", etc. por "cauldron-updates", "cauldron-backports", etc en los comando anteriores. * Para Cauldron, cambie "mageia" por "cauldron" y "updates", "backports", etc. por "cauldron-updates", "cauldron-backports", etc en los comando anteriores. Joselp

‎Games: mention Wine 11

← Older revision Revision as of 16:56, 29 March 2026 Line 405: Line 405:  === Games === === Games ===    −In the Mageia community, our love for free software extends to open source games. A huge effort has been made during the Mageia 10 release cycle to package many new games, making Mageia 10 a very good platform for intensive and casual gamers alike. You can check the Mageia App DB to see a list of <!-- [https://madb.mageia.org/package/comparison/release/9/withrelease/10/group/78%2C20%2C64%2C10%2C30%2C46%2C109%2C138%2C74%2C1 '''(FIXME!)''' all the new and updated games in Mageia 10] -->[https://madb.mageialinux-online.org/group?distribution=cauldron&architecture=x86_64&graphical=1&group=Games&exact=0 available games] clicking on the category you like. <!--The following section will only give some cherry-picked examples for each game category.--> Also see [[Ways_to_install_programs#Game_environments_.28and_some_apps_too.29|Game environments]].+In the Mageia community, our love for free software extends to open source games. A huge effort has been made during the Mageia 10 release cycle to package many new games, making Mageia 10 a very good platform for intensive and casual gamers alike. You can check the Mageia App DB to see a list of <!-- [https://madb.mageia.org/package/comparison/release/9/withrelease/10/group/78%2C20%2C64%2C10%2C30%2C46%2C109%2C138%2C74%2C1 '''(FIXME!)''' all the new and updated games in Mageia 10] -->[https://madb.mageialinux-online.org/group?distribution=cauldron&architecture=x86_64&graphical=1&group=Games&exact=0 available games] clicking on the category you like. <!--The following section will only give some cherry-picked examples for each game category.--> Also see [[Ways_to_install_programs#Game_environments_.28and_some_apps_too.29|Game environments]], and [[Ways_to_install_programs#Wine|Wine]] have been updated to version 11, significantly boosting some games.     === Education === === Education === Morgano

Publication date: 29 Mar 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-32874 , CVE-2026-32875 Description CVE-2026-32874 ujson 5.4.0 to 5.11.0 inclusive contains an accumulating memory leak in JSON parsing large (outside of the range [-2^63, 2^64 - 1]) integers. ujson 5.4.0 to 5.11.0 has an integer overflow while handling a large indent which leads to a buffer overflow or infinite loop. References

• https://bugs.mageia.org/show_bug.cgi?id=35258
• https://github.com/ultrajson/ultrajson/security/advisories/GHSA-wgvc-ghv9-3pmm
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FAXR2DP4Q5GMDURV7CAFQ5YGYAOMVNL/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32874
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32875

SRPMS 9/core

• python-ujson-5.7.0-1.1.mga9

Publication date: 29 Mar 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-25075 Description strongSwan 4.5.0 < 6.0.5 EAP-TTLS AVP Parsing Integer Underflow. (CVE-2026-25075) References

• https://bugs.mageia.org/show_bug.cgi?id=35265
• https://lists.debian.org/debian-security-announce/2026/msg00085.html
• https://ubuntu.com/security/notices/USN-8117-1
• https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/WWO45DS2P5I7KBXXZSDAS4ECX6DR3NYJ/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25075

SRPMS 9/core

• strongswan-5.9.14-1.2.mga9

Publication date: 28 Mar 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-21637 , CVE-2026-21710 , CVE-2026-21713 , CVE-2026-21714 , CVE-2026-21715 , CVE-2026-21716 , CVE-2026-21717 Description Incomplete fix for CVE-2026-21637: loadSNI() in _tls_wrap.js lacks try/catch leading to Remote DoS. (CVE-2026-21637) Denial of Service via __proto__ header name in req.headersDistinct (Uncaught TypeError crashes Node.js process). (CVE-2026-21710) Timing side-channel in HMAC verification via memcmp() in crypto_hmac.cc leads to potential MAC forgery. (CVE-2026-21713) Memory leak in Node.js HTTP/2 server via WINDOW_UPDATE on stream 0 leads to resource exhaustion. (CVE-2026-21714) Permission Model Bypass in realpathSync.native Allows File Existence Disclosure. (CVE-2026-21715) CVE-2024-36137 Patch Bypass - FileHandle.chmod/chown. (CVE-2026-21716) HashDoS in V8. (CVE-2026-21717) References

• https://bugs.mageia.org/show_bug.cgi?id=35270
• https://nodejs.org/en/blog/vulnerability/march-2026-security-releases
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21637
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21710
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21713
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21714
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21715
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21716
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21717

SRPMS 9/core

• nodejs-22.22.2-1.mga9

Publication date: 28 Mar 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-33416 , CVE-2026-33636 Description Use-after-free via pointer aliasing in png_set_tRNS and png_set_PLTE. (CVE-2026-33416) Out-of-bounds read/write in the palette expansion on ARM Neon. (CVE-2026-33636) References

• https://bugs.mageia.org/show_bug.cgi?id=35279
• https://www.openwall.com/lists/oss-security/2026/03/26/1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33416
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33636

SRPMS 9/core

• libpng-1.6.38-1.5.mga9

‎LXQt and Wayland: mga#35245

← Older revision Revision as of 02:34, 28 March 2026 Line 171: Line 171:  ==== LXQt and Wayland ==== ==== LXQt and Wayland ====    −{{bug|34495}} The Mageia Control Center and other GUI tools may not open after entering the password. '''WORKAROUND:''' Use kwin_wayland as window manager for the LXQt Wayland session, or try one of the scripts attached in the report, as root put one or both in (by example) {{folder|/usr/bin}} and give execution rights, take care of the warning in comment 18.+{{bug|34495}},{{bug|35245}} The Mageia Control Center and other GUI tools may not open after entering the password. '''WORKAROUND:''' Use kwin_wayland as window manager for the LXQt Wayland session, or try one of the scripts attached in the report, as root put one or both in (by example) {{folder|/usr/bin}} and give execution rights, take care of the warning in {{bug|34495#c18}}. −       <br> <br> Katnatek

Publication date: 27 Mar 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-9301 Description cmake cmForEachCommand.cxx ReplayItems assertion. (CVE-2025-9301 References

• https://bugs.mageia.org/show_bug.cgi?id=35263
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LRYGBCSAOIXW3H7GXSATU2RXSYBKTGFL/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9301

SRPMS 9/core

• cmake-3.26.4-1.1.mga9

Con el lanzamiento de la primera versión candidata previsto para las próximas semanas, es hora de finalizar el arte para Mageia 10. Antes de elegir las imágenes, nos entusiasma ver todas las propuestas y la creatividad de los participantes. Sin duda, contribuirán a que Mageia 10 luzca genial. Agradecemos a todos los que han dedicado su tiempo a esto.

Habrá dos votaciones: una para fondos y otra para salvapantallas. El fondo principal se elegirá entre los 5 mejores, y los finalistas se incluirán como fondos adicionales. Los salvapantallas se seleccionarán entre las 20 imágenes más adecuadas.

Se elegiran por parte del Consejo de Mageia y el Equipo Atelier, las 5 mejores imágenes para fondos y las 20 mejores para salvapantallas, clasificandolas del 1.º al 5.º puesto para fondos y del 1.º al 20.º para salvapantallas. Se tendrán en cuenta las directrices de diseño y los colores de Mageia para los fondos. Para los salvapantallas, imágenes que se recorten bien y creen un buen reflejo. 

El primer clasificado para el fondo de escritorio, tendrá una mención especial en la pantalla de bienvenida de Mageia 10.

Las imágenes seleccionadas para screensavers, tendrán una mención de su autor como firma en marca de agua en la parte inferior derecha.

¡Gracias de nuevo a todos los que participaron para hacer que Mageia brille!

With the release of the first version candidate planned for the coming weeks, it’s time to finalize the artwork for Mageia 10. Before choosing the images, we’re excited to see all the submissions and the creativity of the participants. They will undoubtedly contribute to making Mageia 10 look fantastic. We thank everyone who has dedicated their time to this.

There will be two votes: one for backgrounds and one for screensavers. The main background will be chosen from the top 5, and the runners-up will be included as additional backgrounds. The screensavers will be selected from the 20 most suitable images.

The Mageia Council and the Atelier Team will choose the 5 best images for backgrounds and the 20 best for screensavers, ranking them from 1st to 5th place for backgrounds and from 1st to 20th for screensavers. Mageia’s design guidelines and colors will be taken into account for backgrounds. For screensavers, images that are well-cropped and create a good reflection are preferred.

The first-place winner for desktop background will receive a special mention on the Mageia 10 welcome screen.

The selected images for screensavers will have their author’s name watermarked in the bottom right corner.

Thanks again to everyone who participated in making Mageia shine!

__________________________________________________________________

← Older revision Revision as of 14:09, 27 March 2026 Line 37: Line 37:  # {{Press item|Distrowatch|https://distrowatch.com/?newsid{{=}}12767|Development Release: Mageia 10 Beta 1| 2026-03-20}} # {{Press item|Distrowatch|https://distrowatch.com/?newsid{{=}}12767|Development Release: Mageia 10 Beta 1| 2026-03-20}}  # {{Press item|YouTube - DistroTester|https://www.youtube.com/watch?v{{=}}ekcdTKy-2oo|Mageia 10 Beta Released with Linux Kernel 6.18 and KDE Plasma 6.5| March 21 2026}} # {{Press item|YouTube - DistroTester|https://www.youtube.com/watch?v{{=}}ekcdTKy-2oo|Mageia 10 Beta Released with Linux Kernel 6.18 and KDE Plasma 6.5| March 21 2026}}  +# {{Press item|Ferramentas Linux Blogspot|https://portallinuxferramentas.blogspot.com/2026/03/mageia-10-beta-arrives-deep-dive-into.html?m{{=}}1|Mageia 10 Beta Arrives: A deep dive| 21 March 2026}}     == German - Deutsch == == German - Deutsch == Marchugo

← Older revision Revision as of 10:10, 27 March 2026 (One intermediate revision by the same user not shown)Line 10: Line 10:  = Mageia stickers = = Mageia stickers =    −In this page you can find the images that can be used for printing stickers. To see the stickers of <b>version 10</b>, click [https://wiki.mageia.org/en/Stickers-v10 here]. The same images are viewed during the installation process of Mageia. All the elements are made using the Official colour palette and fonts summarized below:+In this page you can find the images that can be used for printing stickers. To see the stickers of <b>version 10</b>, click <i>here (soon available at the release of version 10)</i>. The same images are viewed during the installation process of Mageia. All the elements are made using the Official colour palette and fonts summarized below:     == Official Colour Palette == == Official Colour Palette == Bdac

Publication date: 25 Mar 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-23554 Description Use after free of paging structures in EPT. (CVE-2026-23554) References

• https://bugs.mageia.org/show_bug.cgi?id=35222
• https://www.openwall.com/lists/oss-security/2026/03/17/6
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23554

SRPMS 9/core

• xen-4.17.5-1.git20251028.3.mga9

Publication date: 25 Mar 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-28690 , CVE-2026-30883 Description GraphicsMagick has a stack write buffer overflow in MNG encoder. (CVE-2026-28690) GraphicsMagick has a Heap Overflow when writing extremely large image profile in the PNG encoder. (CVE-2026-30883) References

• https://bugs.mageia.org/show_bug.cgi?id=35256
• https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/UHRHM3VZ5CG6TQ5X4EQBR77LTWVJJQVY/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28690
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-30883

SRPMS 9/core

• graphicsmagick-1.3.40-1.4.mga9

9/tainted

• graphicsmagick-1.3.40-1.4.mga9.tainted

Publication date: 24 Mar 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-48795 Description CVE-2023-48795: Fixed prefix truncation breaking ssh channel integrity aka Terrapin Attack References

• https://bugs.mageia.org/show_bug.cgi?id=32676
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795

SRPMS 9/core

• trilead-ssh2-217-8.jenkins293.1.mga9

Publication date: 24 Mar 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-25916 , CVE-2026-26079 Description Fix pre-auth arbitrary file write via unsafe deserialization in redis/memcache session handler, reported by y0us. Fix bug where a password could get changed without providing the old password, reported by flydragon777. Fix IMAP Injection + CSRF bypass in mail search, reported by Martila Security Research Team. Fix remote image blocking bypass via various SVG animate attributes, reported by nullcathedral. Fix remote image blocking bypass via a crafted body background attribute, reported by nullcathedral. Fix fixed position mitigation bypass via use of !important, reported by nullcathedral. Fix XSS issue in a HTML attachment preview, reported by aikido_security. Fix SSRF + Information Disclosure via stylesheet links to a local network hosts, reported by Georgios Tsimpidas (aka Frey), Security Researcher at https://i0.rs/. References

• https://bugs.mageia.org/show_bug.cgi?id=35237
• https://github.com/roundcube/roundcubemail/releases/tag/1.6.14
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25916
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26079

SRPMS 9/core

• roundcubemail-1.6.14-1.mga9

Publication date: 24 Mar 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-43457 , CVE-2026-20608 , CVE-2026-20635 , CVE-2026-20636 , CVE-2026-20644 , CVE-2026-20652 , CVE-2026-20676 Description CVE-2025-43457 Processing maliciously crafted web content may lead to an unexpected Safari crash. A use-after-free issue was addressed with improved memory management. CVE-2026-20608 Processing maliciously crafted web content may lead to an unexpected process crash. This issue was addressed through improved state management. CVE-2026-20635 Processing maliciously crafted web content may lead to an unexpected process crash. The issue was addressed with improved memory handling. CVE-2026-20636 Processing maliciously crafted web content may lead to an unexpected process crash. The issue was addressed with improved memory handling. CVE-2026-20644 Processing maliciously crafted web content may lead to an unexpected process crash. The issue was addressed with improved memory handling. CVE-2026-20652 A remote attacker may be able to cause a denial-of-service. The issue was addressed with improved memory handling. CVE-2026-20676 A website may be able to track users through Safari web extensions. This issue was addressed through improved state management. References

• https://bugs.mageia.org/show_bug.cgi?id=35228
• https://webkitgtk.org/2026/03/12/webkitgtk2.50.6-released.html
• https://webkitgtk.org/security/WSA-2026-0001.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43457
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20608
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20635
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20636
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20644
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20652
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20676

SRPMS 9/core

• webkit2-2.50.6-1.mga9

Publication date: 24 Mar 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2006-10002 , CVE-2006-10003 Description XML::Parser versions through 2.47 for Perl could overflow the pre-allocated buffer size causing a heap corruption (double free or corruption) and crashes. (CVE-2006-10002) XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack. (CVE-2006-10003) References

• https://bugs.mageia.org/show_bug.cgi?id=35238
• https://www.openwall.com/lists/oss-security/2026/03/19/1
• https://www.openwall.com/lists/oss-security/2026/03/19/2
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-10002
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-10003

SRPMS 9/core

• perl-XML-Parser-2.460.0-6.1.mga9

Publication date: 24 Mar 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-33412 Description Command injection via newline in glob() affects Vim < 9.2.0202. (CVE-2026-33412) References

• https://bugs.mageia.org/show_bug.cgi?id=35239
• https://www.openwall.com/lists/oss-security/2026/03/19/10
• https://github.com/vim/vim/security/advisories/GHSA-w5jw-f54h-x46c
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33412

SRPMS 9/core

• vim-9.2.209-1.mga9